Smartwatch security ‘lacking’ says HP study

Researchers at the multinational company found that the increasingly popular devices are susceptible to being hacked or corrupted because they lack basic, industry standard security measures.

The authors of the Smartwatch Security Study explained that every single smartwatch tested contained significant vulnerabilities, meaning that they are more likely to be targeted in even greater numbers in comparison to other, better-protected devices.

“Smartwatches have only started to become a part of our lives, but they deliver a new level of functionality and we will increasingly use them for sensitive tasks,” commented Jyoti Prakash, country director of India and SAARC countries at HP Enterprise Security Products.

“As this activity accelerates, the watch platform will become vastly more attractive to those who would abuse that access, and it’s critical that we take precautions when transmitting personal sensitive data or bringing smartwatches into the workplace.”

The main flaws in the majority of smartwatches tested include outmoded transport encryption, poor user authentication and web interfaces that were insecure.

Notably, every single device examined was notably absent of a two-factor authentication process, a robust security method that requires users submit two different types of ID when accessing a particular service.

Researchers at HP also documented their concerns over the potential privacy issues that might emerge as a consequence of the security flaws evident in the wearable tech, which users are particularly anxious about.

Many smartwatch apps, for example, contain personal information such as a person’s name, date of birth, their medical and health records, as well as data on locations visited.

HP advised consumers to be cautious about the smartwatch they select and the kind of information they input into their devices, while “manufacturers work to incorporate necessary security measures”.